Bug#736947: prelink clears file capabilities

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#736947: prelink clears file capabilities
From: Dirk Griesbach <spamthis@freenet.de>
Date: Tue, 28 Jan 2014 18:47:36 +0100
Message-id: <[🔎] 20140128174736.GA17861@freenet.de>
Reply-to: Dirk Griesbach <spamthis@freenet.de>, 736947@bugs.debian.org

Package: prelink
Version: 0.0.20090925-8
Severity: normal
Tags: patch

prelink will destroy file capabilities of processed files and prelink -u
does not restore them either. E.g. ping will fail for non-root users
with "icmp open socket: Operation not permitted" because the capability
"cap_net_raw+p" is removed. Please consider applying the patch[1]
mentioned in the Fedora BTS[2].

Regards,
Dirk

[1] https://bugzilla.redhat.com/attachment.cgi?id=462093
[2] https://bugzilla.redhat.com/show_bug.cgi?id=456105

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.13.0 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages prelink depends on:
pn  execstack  <none>

prelink recommends no packages.

prelink suggests no packages.

Reply to:

Prev by Date: audit_2.3.3-4_amd64.changes ACCEPTED into unstable
Next by Date: Bug#727395: marked as done (libbinio: run dh-autoreconf to update config.{sub,guess} and {libtool,aclocal}.m4)
Previous by thread: audit_2.3.3-4_amd64.changes ACCEPTED into unstable
Next by thread: Bug#727395: marked as done (libbinio: run dh-autoreconf to update config.{sub,guess} and {libtool,aclocal}.m4)
Index(es):
- Date
- Thread